The present invention generally relates to knowledge based techniques. More particularly, the invention provides a method and system for processing a stream of information in a network computing environment using reputation characteristics associated with one or more nodes provided in a knowledge base. Merely by way of example, the invention has been applied to a computer network environment. But it would be recognized that the invention has a much broader range of applicability. For example, the invention can be applied to a firewall, an intrusion detection/prevention system, a server, a content filter device, an anti-virus process, an anti-SPAM device, a web proxy content filter, spyware, web security process, electronic mail filter, any combination of these, and others.
Telecommunication techniques have been around for numerous years. In the early days, telegraph generally transferred information from one geographical location to another geographical location using electrical signals in the form of “dots” and “dashes” over transmission lines. An example of commonly used electrical signals is Morse code. Telegraph has been, for the most part, replaced by telephone. The telephone was invented by Alexander Graham Bell in the 1800s to transmit and send voice information using electrical analog signals over a telephone line, or more commonly a single twisted pair copper line. Most industrialized countries today rely heavily upon telephone to facilitate communication between businesses and people, in general.
In the 1990s, another significant development in the telecommunication industry occurred. People began communicating to each other by way of computers, which are coupled to the telephone lines or telephone network. These computers or workstations coupled to each other can transmit many types of information from one geographical location to another geographical location. This information can be in the form of voice, video, and data, which have been commonly termed as “multimedia.” Information transmitted over the Internet or Internet “traffic” has increased dramatically in recent years. Information is now transmitted through networks, wide-area networks, telephone systems, and the Internet. This results in rapid transfer of information such as computer data, voice or other multimedia information.
Although the telecommunication industry has achieved major successes, certain drawbacks have also grown with wide spread communication networks. As merely an example, negative effects include an actor (initiator) to connect to another actor (acceptor) in a manner not acceptable to the acceptor. The inability for the acceptor to assess the risk of allowing connection from any initiator means is a problem for efficient resource management and protection of assets. Other drawbacks also exist.
As the size and speed of these networks increase, similar growth of malicious events using telecommunications techniques: stalking, cyber-stalking, harassment, hacking, spam, computer-virus outbreaks, Denial of Service attacks, extortion, fraudulent behaviors (e.g., such as fraudulent websites, scams, 419 spam, so-called phishing) have also continued to increase. This increase is largely due to the anonymous methods that can be used over a network to obscure the initiator's identity, location and disposition. These and other limitations are described throughout the present specification and more particularly below.
From the above, it is seen that a technique for improving security over a wide area network is highly desirable.